25games’ six team members are spread all over the country. Communication is done via Skype, Whatsapp, Slack, etc. and for the management we use calendars, Trello and other tools (see “One way to manage a team” – coming next month). But what do you need for your data management? Our requirements are: a cheap solution and full control over the way our data is stored. In this blogpost you’ll learn how we configured a Raspberry Pi as our game developer server to meet our needs. Here’s the table of contents (hover the pulsating points):

Since our Raspberry is connected via Ethernet there’s no WLAN-support needed. With about 10$ electricity costs per year we chose Raspberry Pi 2 Modell B from the list above, because we think that it provides a good trade-off between costs and performance.

Additional equipment

The Raspberry is useless on its own. You require some additional equipment:

Micro SD Card – we are using a 32GB card like the one linked (less storage for example 16GB is also possible, but we thought more is better since the price difference is not that crucial)

Power Supply – there’s the same power supply for European sockets here but we use this one because it seems to have better references

Ethernet cable – the Raspberry Pi 2 has no WLAN OnBoard so you need an ethernet cable (or WLAN-stick) to connect it with your router. We chose to use a cable instead of a WLAN-stick because the server needs to be as fast as possible and it’s stationary anyways.

External storage – it is recommended to use an external storage for your working data. We bought two 64GB USB-sticks – one is for the working data and the other one is for backups of our DokuWiki. Since ownCloud and SVN are making local copies on each PC of our team members we thought that – for the beginning – it’s enough to only make backups of the DokuWiki.

Preperation of your Raspberry Pi

Prepare SD card

Connect to your Raspberry

Connect your Raspberry with the Router via an ethernet cable

Plug-in the written SD card into your Raspberry

Identify the IP address of your Raspberry by taking a look into the router configuration. There should be a list of the connected devices somewhere (a detailed description would go beyond the scope of this article)

Security configuration

If your team members are spread all over the world like ours, you need to make your services (SVN, ownCloud, DokuWiki) available over the internet. In this section we present the most important tasks to protect your server against hacker attacks.

Replace user pi

Every hacker knows that there’s always a user “pi” on systems, which run on Raspbian. That’s why you should replace the user “pi” with another user. To do so firstly create the new user with administrator permissions and set a strong password:

You may realize that you need to retype your new user’s password each time you execute sudo-commands. To avoid this, use the su command to switch to the root user. Then you only have to type in the password once:

sudo su

Automatic updates

It is important to keep your Raspberry up to date. Use these commands:

sudo apt-get update
sudo apt-get dist-upgrade
sudo rpi-update

After rpi-update you may need to reboot your system with:

sudo shutdown -r now

For automatic updates install the packages “unattended-upgrades” and “update-notifier-common” by executing these commands:

Use sudo iptables -L to get a list of the current rules. Be aware that the line -A INPUT -j REJECT –reject-with icmp-host-prohibited is always the last rule in your iptables! Just open /etc/network/iptables to edit the rule list:

sudo nano /etc/network/iptables

After editing you always need to save the current rules:

sudo sh -c "iptables-save > /etc/network/iptables"

To automatically load the rules after restarting your server you have to create a little Pre-Up-Script and insert the following lines:

sudo nano /etc/network/if-pre-up.d/iptables

#!/bin/sh
/sbin/iptables-restore /etc/network/iptables

Then make the file executable:

sudo chmod +x /etc/network/if-pre-up.d/iptables

Enable Port Forwarding

If you want to make your Apache web server reachable over the internet you need to enable port forwarding on your router. The port forwarding settings can be usually found under the firewall section of your router. But there’s no common standard for where the port forwarding configuration page can be found on the router’s web interface. Follow this link and look for your router. There you can find a detailed description for how to configure port forwarding for your specific router. Create a new rule and fill in the form like this:

In the example above Apache listens on port 8443 and forwards the packages to the device with the IP-address of 192.168.0.xy where the last octet (represented as “xy” in the image) needs to be replaced by the address of your Raspberry Pi.

Apache with SSL

The apache server is the basis for all our services: SVN, ownCloud and DokuWiki.
Since we don’t want to unencryptedly transfer our important assets, code-files and internal information we configured our Apache server to only accept secure SSL connections.

ports.conf

This tells your apache server that it should listen on port 8443 for SSL connections.

But why not using the standard port 443 for SSL? That’s because especially when you’re a non-commercial user, the most internet service providers (ISPs) only allow port forwarding on non-standard ports like 8443 (look at “Enable Port Forwarding” for how to configure port forwarding).

If the server can’t be restarted and prints No apache MPM package installed – then install this package:

sudo apt-get install apache2-mpm-prefork

ownCloud

Like Dropbox, ownCloud provides user and group management, version control and synchronization between as many local machines as needed. This service is especially interesting for all our members who don’t have to work with Unity and SVN – mostly for our artists. Surely, they can use SVN if they want to, but we thought a Dropbox-like service with auto-synchronization is easier to use and because of that the artists have more time for their creative work.

Installation

The section “Apache – Installation” explains which packages need to be installed to run ownCloud on an Apache server. Download the latest ownCloud version with the command written below and unpack it (replace x.y.z with the latest ownCloud-Version):

In the section “Apache – Configure site” we explain how to modify the file /etc/apache2/sites-available/default-ssl.conf to run ownCloud on Apache with SSL.

Lastly change the ownership of the ownCloud-directory to the webserver’s user and group:

sudo chown -R www-data:www-data /var/www/owncloud/

Then you can open the graphical installation wizard via your browser by visiting the URL “https://yourserver:8443/owncloud“.

Installation Wizard

Fill in the account information to create a new administrator.

Warning: Change the ownCloud’s data-path to a path outside of the Apache’s root directory (for example /home/newUser/owncloud-data instead of /var/www/owncloud/data). Also use MySQL instead of SQLite for performance reasons. Insert the root password and finish the setup:

Security and performance

Strong directory permissions

Create a new script file:

sudo nano /home/newUser/Desktop/owncloud_permissions.sh

Insert the script below and change the content of the following variables

DokuWiki

We use a wiki to store and share persistent information which won’t be changed for at least some months. E.g. we collect important knowledge which has been gained in meetings. Or we collect data about aspects of our game, for example character descriptions, storylines and quests. We want to avoid confusing text files stored on our ownCloud – everything should be stored on a central and reachable point (more about this in “One way to manage a team” coming next month).

Installation

The section “Apache – Installation” explains which packages need to be installed to run DokuWiki on an Apache server. Download the latest DokuWiki version from here. You can use WinSCP to copy the downloaded archive onto your Raspberry.

Unpack the archive, copy it into your webspace and change the owner of the directory:

Move DokuWiki’s directories

WARNING: If you use the installer of the DokuWiki, you need to execute the install.php script first before you can go on.

Move the folder /var/www/wiki/data to anywhere outside of the Apache’s document root:

sudo mv /var/www/wiki/data /home/newUser/data

Then you need to change the file /var/www/wiki/conf/local.php:

sudo nano /var/www/wiki/local.php

$conf['savedir'] = '/home/newUser/data'; //add this line into /var/www/wiki/conf/local.php

Move the folder /var/www/wiki/conf:

sudo mv /var/www/wiki/conf /home/newUser/conf

Add a new file /var/www/wiki/lib/preload.php with following content:

sudo nano /var/www/wiki/inc/preload.php

<?php
// DO NOT use a closing php tag. This causes a problem with the feeds,
// among other things. For more information on this issue, please see:w
// http://www.dokuwiki.org/devel:coding_style#php_closing_tags
define('DOKU_CONF','/home/newUser/conf/');
// no closing '>'!!

Lastly move the folder /var/www/wiki/bin (or delete it if you don’t have shell access on your server):

mv /var/www/wiki/bin /home/newUser/bin

Update your DokuWiki

You can manually update your wiki or install the upgrade plugin which is definitely more comfortable than the manual solution. Always create a backup of the whole DokuWiki directory before upgrading!

Share this entry

http://25games.net/wp-content/uploads/2016/10/cover_img.jpg728128025gameshttp://25games.net//wp-content/uploads/2016/09/25games-logo.png25games2016-10-28 15:05:222016-11-04 00:52:26Your Raspberry Pi as a game development server

Thank’s for that description- nice solution!
A case for thought to “SSL Encryption”- i recommend “letsencrypt” for public free SSL Certificates. Auto- renewal for apache2 webserver can be done easily!
For ssh- Access from external, i would install a VPN Server Software (e.g. Softether, based on OpenSwan IPSEC/L2TP) to reach maximum security 😉

Thanks for your comment and thanks for your hints.
Public free SSL certificates will be covered in another blog post – we’ll give https://letsencrypt.org a try!
Regarding external SSH: we’ve completely forwent external SSH since we haven’t needed it yet. Thanks for the keywords anyway. I think we’ll write about this too some day.

We use cookies to ensure that we give you the best experience on our website. If you continue without changing your settings, we'll assume that you are happy to receive all cookies from this website.OKMore